Received: by 2002:a05:6a10:16a7:0:0:0:0 with SMTP id gp39csp489136pxb; Thu, 19 Nov 2020 06:30:02 -0800 (PST) X-Google-Smtp-Source: ABdhPJy4esel7zJrDIuh3o7RJtHv3LObhEjjvt8neVROhIU0lAds7AaDkzUPuLrtobv8spZQkukH X-Received: by 2002:a17:906:17d6:: with SMTP id u22mr27526240eje.399.1605796202581; Thu, 19 Nov 2020 06:30:02 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1605796202; cv=none; d=google.com; s=arc-20160816; b=yIkngs+U36fyHpAeUMAsnv3Lfg38yA5u5Nlg78Mb69bZNgKtPqW+zOmlYS2rMVVdFi aKy3vBGo4/4I87aXJwVkjxb533JlxaHICo0rTDSxMDcjQoNvt5QW8s1sOYJ/peYeqVLK /Io0ZEU+v9NbX/b7xEssSqSJMDnWlHYMJqiBTM4lGz45egJ29aN0JlN/BXlNaNkBhz8L tz1H09zb3C2bQ6EsP9M+HywyfdnYgA8WhCOAVL25PNEVrmDKgjXUkuLwMjuqNy2wCCWZ 9quCEv2RE01ElD/U50vplXe8FFQFhokw1tiVhuauOj86sQu6F49+O9pt7H2oZuBT1grk JmsQ== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:message-id:date:subject:cc:to:from; bh=VwcAqk21FijyeHQBvMJtX6pWA58VxPCbwWeDlvd5Wm8=; b=jS6KmNb95pCggmHAEwDyLkfhHD0jKXgSkb2m9c+w3xQHrUHppS72R7D9WedjgHaatA f1G0aRByZaP/YhkBLrvrccs0dEMwEFOrSG5Xh+YrtsUwDHAwcqreZDKIgekRrdy5mbCO db1sSezCOPEc/rgj3D3Cr7n8ZaXSDxiCyRmiy/3Pj3XgdDvsN6c+lH+XutMWeaSCJCjP a9TqJPPBBLO+xFp+XIVfOYtesewaE7ROe3pUiCd/l5hS9VfB8J3XnNGSkj6PwHJlu3Wv ePuMONBhdijttMu2o3lwemTuwrpF67uo3NcQwmxWpNrn4zi3qTaFr1LaATsBkm0IlNN1 hTAg== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id q23si23467180edb.127.2020.11.19.06.29.38; Thu, 19 Nov 2020 06:30:02 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=arm.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727858AbgKSO1y (ORCPT + 99 others); Thu, 19 Nov 2020 09:27:54 -0500 Received: from foss.arm.com ([217.140.110.172]:58922 "EHLO foss.arm.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1727809AbgKSO1y (ORCPT ); Thu, 19 Nov 2020 09:27:54 -0500 Received: from usa-sjc-imap-foss1.foss.arm.com (unknown [10.121.207.14]) by usa-sjc-mx-foss1.foss.arm.com (Postfix) with ESMTP id 7555D1042; Thu, 19 Nov 2020 06:27:53 -0800 (PST) Received: from entos-ampere-02.shanghai.arm.com (entos-ampere-02.shanghai.arm.com [10.169.214.110]) by usa-sjc-imap-foss1.foss.arm.com (Postfix) with ESMTPA id 7E36E3F719; Thu, 19 Nov 2020 06:27:51 -0800 (PST) From: Jia He To: Alex Williamson , Cornelia Huck Cc: kvm@vger.kernel.org, linux-kernel@vger.kernel.org, Jia He Subject: [PATCH] vfio iommu type1: Bypass the vma permission check in vfio_pin_pages_remote() Date: Thu, 19 Nov 2020 22:27:37 +0800 Message-Id: <20201119142737.17574-1-justin.he@arm.com> X-Mailer: git-send-email 2.17.1 Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org The permission of vfio iommu is different and incompatible with vma permission. If the iotlb->perm is IOMMU_NONE (e.g. qemu side), qemu will simply call unmap ioctl() instead of mapping. Hence vfio_dma_map() can't map a dma region with NONE permission. This corner case will be exposed in coming virtio_fs cache_size commit [1] - mmap(NULL, size, PROT_NONE, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0); memory_region_init_ram_ptr() - re-mmap the above area with read/write authority. - vfio_dma_map() will be invoked when vfio device is hotplug added. qemu: vfio_listener_region_add() vfio_dma_map(..., readonly=false) map.flags is set to VFIO_DMA_MAP_FLAG_READ|VFIO_..._WRITE ioctl(VFIO_IOMMU_MAP_DMA) kernel: vfio_dma_do_map() vfio_pin_map_dma() vfio_pin_pages_remote() vaddr_get_pfn() ... check_vma_flags() failed! because vm_flags hasn't VM_WRITE && gup_flags has FOLL_WRITE It will report error in qemu log when hotplug adding(vfio) a nvme disk to qemu guest on an Ampere EMAG server: "VFIO_MAP_DMA failed: Bad address" [1] https://gitlab.com/virtio-fs/qemu/-/blob/virtio-fs-dev/hw/virtio/vhost-user-fs.c#L502 Signed-off-by: Jia He --- drivers/vfio/vfio_iommu_type1.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/drivers/vfio/vfio_iommu_type1.c b/drivers/vfio/vfio_iommu_type1.c index 67e827638995..33faa6b7dbd4 100644 --- a/drivers/vfio/vfio_iommu_type1.c +++ b/drivers/vfio/vfio_iommu_type1.c @@ -453,7 +453,8 @@ static int vaddr_get_pfn(struct mm_struct *mm, unsigned long vaddr, flags |= FOLL_WRITE; mmap_read_lock(mm); - ret = pin_user_pages_remote(mm, vaddr, 1, flags | FOLL_LONGTERM, + ret = pin_user_pages_remote(mm, vaddr, 1, + flags | FOLL_LONGTERM | FOLL_FORCE, page, NULL, NULL); if (ret == 1) { *pfn = page_to_pfn(page[0]); -- 2.17.1